Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/mFPikFTe5Ye_6V6NFpkHU1XHUyc.roa
File: mFPikFTe5Ye_6V6NFpkHU1XHUyc.roa (raw, json)
Hash identifier: aIL2Fs+7AxI62yg5Zs86j8z9yx7P9IGny7yZekRMFg4=
Subject key identifier: 98:53:E2:90:54:DE:E5:87:BF:E9:5E:8D:16:99:07:53:55:C7:53:27
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B2470B4231C7C085CC0B03644CC292
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/mFPikFTe5Ye_6V6NFpkHU1XHUyc.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 89.167.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:47:0b:42:31:c7:c0:85:cc:0b:03:64:4c:c2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9853e29054dee587bfe95e8d1699075355c75327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:75:c7:7c:db:78:cf:ae:83:5b:7e:95:b7:
30:e7:5a:f9:fc:8b:71:17:40:02:a8:c4:57:59:3c:
6c:5a:d9:52:b4:d1:fc:15:e8:ac:45:90:d0:07:6e:
71:d1:b4:c9:c7:b7:9e:e8:3f:61:fc:10:68:d0:36:
a0:b4:68:e2:23:c5:e6:eb:b1:74:01:ed:b4:6b:f0:
41:a2:31:56:dc:ba:18:da:17:11:45:1a:c5:ca:03:
8b:93:82:81:82:4a:29:52:ec:be:fc:62:dc:58:85:
7c:fd:f0:96:eb:5a:0a:40:a9:27:2f:c2:1e:ff:1d:
f0:56:8e:fa:fb:48:0d:ee:53:c6:c0:ef:1f:3f:7d:
1c:aa:87:e3:75:72:3f:02:19:af:ec:d5:14:c9:90:
5f:a8:37:7b:81:f2:99:89:4d:51:38:57:d7:46:fd:
11:fb:5f:af:52:24:c2:8b:1f:b7:a6:ed:f9:7f:05:
7f:06:52:cc:d2:41:65:7c:47:f4:75:51:56:c9:99:
5a:9f:01:b7:a5:d2:ec:70:64:49:8c:5f:5f:7b:a9:
14:2c:e8:68:70:43:08:82:ce:0e:30:a4:f4:07:de:
f9:ec:20:3e:cc:75:e3:21:23:b0:3a:10:53:ff:67:
41:c3:d9:14:bd:a3:61:be:52:f1:dc:13:c3:d5:cb:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:53:E2:90:54:DE:E5:87:BF:E9:5E:8D:16:99:07:53:55:C7:53:27
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/mFPikFTe5Ye_6V6NFpkHU1XHUyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.167.134.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6f:f3:d4:d4:fd:39:7c:95:70:97:6e:37:6a:05:2d:e7:e8:
53:31:bc:e0:41:51:f4:63:55:61:e4:71:a4:bb:a7:9d:a3:f6:
cd:fa:6c:b2:bf:76:2c:36:59:72:7e:11:24:57:4b:4a:17:ac:
8f:66:76:bd:33:8c:8f:0d:06:90:53:fb:ec:0c:84:ea:77:c1:
a3:ec:dd:23:c4:e6:67:15:e2:a6:c4:69:3d:b6:96:0d:fb:4b:
02:f7:34:d4:16:e1:e5:b5:96:6a:6d:db:b2:c8:c0:ba:cb:dd:
62:c8:e9:74:50:44:a5:ee:f7:8d:40:ab:c7:8c:62:bc:b7:32:
bf:43:89:e2:34:91:90:82:c7:b3:47:e3:9e:5c:61:49:65:37:
62:14:70:71:29:3f:90:4b:69:02:83:58:ca:83:63:ea:e1:48:
13:2b:d1:2e:10:91:0b:50:f4:38:17:61:74:5a:52:d3:da:ff:
d9:fc:48:b8:77:da:a5:0a:a2:de:93:ef:ee:68:59:7b:52:0f:
a7:8a:a7:e5:c3:4d:6c:32:52:5b:3a:e7:26:e2:15:bf:fa:31:
28:22:9f:09:d2:70:1d:a7:b5:f0:2a:f9:aa:8a:d1:f4:53:cb:
01:67:94:48:7b:ad:c5:15:69:e3:61:7a:30:66:53:72:c1:76:
26:2e:75:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskcLQjHHwIXMCwNkTMKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUzZTI5MDU0ZGVlNTg3YmZlOTVlOGQxNjk5MDc1MzU1Yzc1MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQR1x3zbeM+ug1t+lbcw51r5/Itx
F0ACqMRXWTxsWtlStNH8FeisRZDQB25x0bTJx7ee6D9h/BBo0DagtGjiI8Xm67F0
Ae20a/BBojFW3LoY2hcRRRrFygOLk4KBgkopUuy+/GLcWIV8/fCW61oKQKknL8Ie
/x3wVo76+0gN7lPGwO8fP30cqofjdXI/Ahmv7NUUyZBfqDd7gfKZiU1ROFfXRv0R
+1+vUiTCix+3pu35fwV/BlLM0kFlfEf0dVFWyZlanwG3pdLscGRJjF9fe6kULOho
cEMIgs4OMKT0B9757CA+zHXjISOwOhBT/2dBw9kUvaNhvlLx3BPD1cuYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhT4pBU3uWHv+lejRaZB1NVx1MnMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvbUZQaWtGVGU1WWVfNlY2TkZwa0hVMVhIVXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWaeGMA0G
CSqGSIb3DQEBCwUAA4IBAQAXb/PU1P05fJVwl243agUt5+hTMbzgQVH0Y1Vh5HGk
u6edo/bN+myyv3YsNllyfhEkV0tKF6yPZna9M4yPDQaQU/vsDITqd8Gj7N0jxOZn
FeKmxGk9tpYN+0sC9zTUFuHltZZqbduyyMC6y91iyOl0UESl7veNQKvHjGK8tzK/
Q4niNJGQgsezR+OeXGFJZTdiFHBxKT+QS2kCg1jKg2Pq4UgTK9EuEJELUPQ4F2F0
WlLT2v/Z/Ei4d9qlCqLek+/uaFl7Ug+niqflw01sMlJbOucm4hW/+jEoIp8J0nAd
p7XwKvmqitH0U8sBZ5RIe63FFWnjYXowZlNywXYmLnXC
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:37:52 2025 by rpki-client